Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2293211)
Informations
Name MS10-080 First vendor Publication 2010-10-12
Vendor Microsoft Last vendor Modification 2010-10-12
Severity (Vendor) Important Revision 1.0

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Revision Note: V1.0 (October 12, 2010): Bulletin published.Summary: This security update resolves thirteen privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file or a specially crafted Lotus 1-2-3 file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Original Source

Url : http://www.microsoft.com/technet/security/bulletin/MS10-080.mspx

CWE : Common Weakness Enumeration

% Id Name
92 % CWE-20 Improper Input Validation
8 % CWE-189 Numeric Errors (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:6727
 
Oval ID: oval:org.mitre.oval:def:6727
Title: Merge Cell Record Pointer Vulnerability
Description: Microsoft Excel 2002 SP3 and Office 2004 for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Merge Cell Record Pointer Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-3237
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Microsoft Excel 2002
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6737
 
Oval ID: oval:org.mitre.oval:def:6737
Title: Lotus 1-2-3 Workbook Parsing Vulnerability
Description: Microsoft Excel 2002 SP3 and 2003 SP3 does not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted .wk3 (aka Lotus 1-2-3 workbook) file, aka "Lotus 1-2-3 Workbook Parsing Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-3233
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Microsoft Excel 2002
Microsoft Excel 2003
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6738
 
Oval ID: oval:org.mitre.oval:def:6738
Title: Out-of-Bounds Memory Write in Parsing Vulnerability
Description: Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate binary file-format information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Out-of-Bounds Memory Write in Parsing Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-3241
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Microsoft Excel 2002
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6872
 
Oval ID: oval:org.mitre.oval:def:6872
Title: Negative Future Function Vulnerability
Description: Microsoft Excel 2002 SP3 and 2003 SP3, and Office 2004 for Mac, does not properly validate binary file-format information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Negative Future Function Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-3238
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Microsoft Excel 2002
Microsoft Excel 2003
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6902
 
Oval ID: oval:org.mitre.oval:def:6902
Title: Ghost Record Type Parsing Vulnerability
Description: Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Ghost Record Type Parsing Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-3242
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Microsoft Excel 2002
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7028
 
Oval ID: oval:org.mitre.oval:def:7028
Title: Formula Biff Record Vulnerability
Description: Microsoft Excel 2002 SP3 does not properly validate formula information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Formula Biff Record Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-3235
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Microsoft Excel 2002
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7042
 
Oval ID: oval:org.mitre.oval:def:7042
Title: Excel Record Parsing Integer Overflow Vulnerability
Description: Integer overflow in Microsoft Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel document with crafted record information, aka "Excel Record Parsing Integer Overflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-3230
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Microsoft Excel 2002
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7196
 
Oval ID: oval:org.mitre.oval:def:7196
Title: Real Time Data Array Record Vulnerability
Description: Microsoft Excel 2002 SP3 and 2007 SP2; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Real Time Data Array Record Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-3240
Version: 12
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Microsoft Excel 2002
Microsoft Excel 2007
Microsoft Office Excel Viewer
Microsoft Office Compatibility Pack
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7209
 
Oval ID: oval:org.mitre.oval:def:7209
Title: Out Of Bounds Array Vulnerability
Description: Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Out Of Bounds Array Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-3236
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Microsoft Excel 2002
Microsoft Excel 2003
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7475
 
Oval ID: oval:org.mitre.oval:def:7475
Title: Excel Record Parsing Memory Corruption Vulnerability
Description: Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Excel Record Parsing Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-3231
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Microsoft Excel 2002
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7555
 
Oval ID: oval:org.mitre.oval:def:7555
Title: Formula Substream Memory Corruption Vulnerability
Description: Microsoft Excel 2002 SP3 does not properly validate formula information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Formula Substream Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-3234
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Microsoft Excel 2002
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7575
 
Oval ID: oval:org.mitre.oval:def:7575
Title: Excel File Format Parsing Vulnerability
Description: Microsoft Excel 2003 SP3 and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Excel File Format Parsing Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-3232
Version: 12
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Microsoft Excel 2003
Microsoft Excel 2007
Microsoft Office Excel Viewer
Microsoft Office Compatibility Pack
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7616
 
Oval ID: oval:org.mitre.oval:def:7616
Title: Extra Out of Boundary Record Parsing Vulnerability
Description: Microsoft Excel 2002 SP3 does not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Extra Out of Boundary Record Parsing Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-3239
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Microsoft Excel 2002
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 4
Application 1
Application 2
Application 1
Application 1

OpenVAS Exploits

Date Description
2010-10-13 Name : Microsoft Office Excel Remote Code Execution Vulnerabilities (2293211)
File : nvt/secpod_ms10-080.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
68573 Microsoft Office Excel File Unspecified Record Parsing Remote Integer Overflow

Microsoft Office Excel is prone to an overflow condition. The program suffers from a sign-extension error and integer overflow error which may be further exploited to cause a heap-based buffer overflow. With a specially crafted Excel file with crafted record information, a context-dependent attacker can potentially execute arbitrary code.
68572 Microsoft Office Excel Formula Record Parsing Memory Corruption (2010-3231)

A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when parsing Formula records, which may be exploited to cause an out-of-bounds memory write, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code.
68571 Microsoft Office Excel File Format Parsing Remote Code Execution

A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when validating record information with certain format parsing, which may be exploited to cause an out-of-bounds memory write, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code.
68570 Microsoft Office Excel Lotus 1-2-3 Workbook Parsing Remote Overflow

Microsoft Office Excel is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted Lotus 1-2-3 (.wk3) file with an overly long crafted record, a context-dependent attacker can potentially execute arbitrary code.
68569 Microsoft Office Excel Formula Substream Record Parsing Memory Corruption

A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when parsing Formula Substream records, which may be exploited to cause an out-of-bounds memory write, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code.
68568 Microsoft Office Excel Formula Biff Record Parsing Remote Code Execution

A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when validating formula information with a dangling pointer, which may be exploited to cause an out-of-bounds memory write, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code.
68567 Microsoft Office Excel Out Of Bounds Array Handling Remote Code Execution

A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when validating record information, which may be exploited to cause an out-of-bounds memory write, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code.
68566 Microsoft Office Excel Merge Cell Record Pointer Handling Remote Code Execution

A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when validating record information, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code.
68565 Microsoft Office Excel Negative Future Function Parsing Remote Code Execution

A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when validating binary file-format information, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code.
68564 Microsoft Office Excel PtgExtraArray Structure Parsing Remote Code Execution

A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when processing Extra Out of Boundary records, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code.
68563 Microsoft Office Excel RealTimeData Record Array Parsing Remote Code Execution

A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when validating record information, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code.
68562 Microsoft Office Excel Out-of-Bounds Memory Write in Parsing Memory Corruption

A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when validating binary file-format information, resulting in memory corruption. With a specially crafted Excel document, a context-dependent attacker can execute arbitrary code.
68561 Microsoft Office Excel Ghost Record Type Parsing Remote Code Execution

Microsoft Office Excel contains a flaw that may allow a context-dependent attacker to execute arbitrary commands or code. The issue is due to missing input validation in a conversion routine when parsing a certain record type and can be exploited to corrupt memory outside the bounds of an allocated heap buffer via an overly large range specified by two record fields in a crafted Excel document, which may allow the attacker to execute arbitrary code.

Snort® IPS/IDS

Date Description
2016-07-26 Microsoft Office Excel RealTimeData record exploit attempt
RuleID : 39347 - Revision : 2 - Type : FILE-OFFICE
2016-07-26 Microsoft Office Excel RealTimeData record exploit attempt
RuleID : 39346 - Revision : 2 - Type : FILE-OFFICE
2016-07-08 Microsoft Office Excel RealTimeData record exploit attempt
RuleID : 39158 - Revision : 1 - Type : FILE-OFFICE
2016-07-08 Microsoft Office Excel RealTimeData record exploit attempt
RuleID : 39157 - Revision : 3 - Type : FILE-OFFICE
2016-03-14 Microsoft Office Excel CrErr record integer overflow attempt
RuleID : 37246 - Revision : 1 - Type : FILE-OFFICE
2014-11-16 Microsoft Office Excel PtgName invalid index exploit attempt
RuleID : 31476 - Revision : 3 - Type : FILE-OFFICE
2014-11-16 Microsoft Office Excel PtgName invalid index exploit attempt
RuleID : 31475 - Revision : 3 - Type : FILE-OFFICE
2014-11-16 Microsoft Office Excel PtgName invalid index exploit attempt
RuleID : 31474 - Revision : 3 - Type : FILE-OFFICE
2014-11-16 Microsoft Office Excel PtgName invalid index exploit attempt
RuleID : 31473 - Revision : 3 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel MergeCells record parsing code execution attempt
RuleID : 21415 - Revision : 10 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel MergeCells record parsing code execution attempt
RuleID : 21414 - Revision : 7 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel MergeCells record parsing code execution attempt
RuleID : 20130 - Revision : 6 - Type : SPECIFIC-THREATS
2014-01-10 Microsoft Office Excel PtgExtraArray parsing attempt
RuleID : 19154 - Revision : 13 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel PtgExtraArray data parsing vulnerability exploit attempt
RuleID : 19134 - Revision : 15 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel RealTimeData record exploit attempt
RuleID : 18806 - Revision : 20 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel PtgName invalid index exploit attempt
RuleID : 18538 - Revision : 15 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel PtgName invalid index exploit attempt
RuleID : 17764 - Revision : 19 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel GhostRw record exploit attempt
RuleID : 17763 - Revision : 12 - Type : FILE-OFFICE
2014-01-10 Microsoft Excel corrupted TABLE record clean up exploit attempt
RuleID : 17762 - Revision : 12 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel RealTimeData record exploit attempt
RuleID : 17760 - Revision : 18 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel invalid SerAr object exploit attempt
RuleID : 17759 - Revision : 19 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel PtgExtraArray data parsing vulnerability exploit attempt
RuleID : 17758 - Revision : 18 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel CrErr record integer overflow attempt
RuleID : 17757 - Revision : 16 - Type : FILE-OFFICE

Nessus® Vulnerability Scanner

Date Description
2010-10-20 Name : An application installed on the remote Mac OS X host is affected by multiple ...
File : macosx_ms_office_oct2010.nasl - Type : ACT_GATHER_INFO
2010-10-13 Name : Arbitrary code can be executed on the remote host through Microsoft Office Ex...
File : smb_nt_ms10-080.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2014-11-16 21:25:22
  • Multiple Updates
2014-02-17 11:46:44
  • Multiple Updates
2014-01-19 21:30:32
  • Multiple Updates